Closed de-jcup closed 5 years ago
Current workaround is to always add a dummy entry - e.g. "http://example.com" as whitelist entry
Hmm.. tried out old version (0.10.3) and there tests do not fail but there was an error
After trying out to create a project I found a way to reproduce the problem:
create some testdata
now create a new project by DeveloperAdmin UI:
assign scenario2_user1 to the project.
execute a normal scan
You will receive a 500 error message at client side. On server side a NPE has occurred :
java.lang.NullPointerException: null
at com.daimler.sechub.domain.schedule.whitelist.ProjectWhiteListSecHubConfigurationValidationService.fetchAllowedUris(ProjectWhiteListSecHubConfigurationValidationService.java:69) ~[main/:na]
at
...
There is another problem: When adding something not being valid (e.g. the empty entry in former first white list dialog) we cannot delete the project any longer:
org.h2.jdbc.JdbcSQLException: Referential integrity constraint violation: "C04_ADM_PROJECTWHITELIST_PROJECT_ID: PUBLIC.ADM_PROJECT_WHITELIST_URI FOREIGN KEY(PROJECT_PROJECT_ID) REFERENCES PUBLIC.ADM_PROJECT(PROJECT_ID) ('testproject')"; SQL statement:
delete from adm_project where project_id=? and version=? [23503-197]
at org.h2.message.DbException.getJdbcSQLException(DbException.java:357) ~[h2-1.4.197.jar:1.4.197]
...
at com.daimler.sechub.domain.administration.project.ProjectDeleteService.deletProject(ProjectDeleteService.java:42) ~[main/:na]
at com.daimler.sechub.domain.administration.project.ProjectDeleteService$$FastClassBySpringCGLIB$$b95f38d3.invoke(<generated>) ~[main/:na]
...
Updating the white list by an dummy entry like "https://www.example.com" did solve the problem and admin ui /service was able to delete the project then.
This did also prevent execution of IntegrationTests for the test scenario where used user was created!
Current situation: When a project is defined in SecHub without having a whitelist entry we got a NPE . Sometimes we got projects doing only a code scan, so even a empty list must be valid.